feat: Add galasactl secrets get command and formatters

Signed-off-by: Eamonn Mansour <47121388+eamansour@users.noreply.github.com>
galasa-dev · Oct 28, 2024 · 390ffb6 · 390ffb6
1 parent 3e710bc
commit 390ffb6
Show file tree

Hide file tree

Showing 27 changed files with 2,514 additions and 51 deletions.
diff --git a/.secrets.baseline b/.secrets.baseline
@@ -76,6 +76,16 @@
     }
   ],
   "results": {
+    "dockerfiles/certs/ibminter.pem": [
+      {
+        "hashed_secret": "b3723414cb4a90ac8c2bc504ea01923fe5fccc8a",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 28,
+        "type": "Artifactory Credentials",
+        "verified_result": null
+      }
+    ],
     "gherkin-docs.md": [
       {
         "hashed_secret": "c61db10457a740b07845146f2d1b391c133a6ebf",
@@ -125,6 +135,82 @@
         "type": "Hex High Entropy String",
         "verified_result": null
       }
+    ],
+    "pkg/secrets/secretsDelete_test.go": [
+      {
+        "hashed_secret": "2dfbe3ec00a96d6f711d9a70f78be17f6fd574ca",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 83,
+        "type": "Secret Keyword",
+        "verified_result": null
+      }
+    ],
+    "pkg/secrets/secretsGet_test.go": [
+      {
+        "hashed_secret": "11747ed2a3904f82931baf592443772259ea8dc1",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 25,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "347cd9c53ff77d41a7b22aa56c7b4efaf54658e3",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 57,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "2dfbe3ec00a96d6f711d9a70f78be17f6fd574ca",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 274,
+        "type": "Secret Keyword",
+        "verified_result": null
+      }
+    ],
+    "pkg/secretsformatter/summaryFormatter.go": [
+      {
+        "hashed_secret": "4d55af37dbbb6a42088d917caa1ca25428ec42c9",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 44,
+        "type": "Secret Keyword",
+        "verified_result": null
+      }
+    ],
+    "pkg/secretsformatter/summaryFormatter_test.go": [
+      {
+        "hashed_secret": "11747ed2a3904f82931baf592443772259ea8dc1",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 19,
+        "type": "Secret Keyword",
+        "verified_result": null
+      }
+    ],
+    "pkg/secretsformatter/yamlFormatter.go": [
+      {
+        "hashed_secret": "4d55af37dbbb6a42088d917caa1ca25428ec42c9",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 34,
+        "type": "Secret Keyword",
+        "verified_result": null
+      }
+    ],
+    "pkg/secretsformatter/yamlFormatter_test.go": [
+      {
+        "hashed_secret": "347cd9c53ff77d41a7b22aa56c7b4efaf54658e3",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 25,
+        "type": "Secret Keyword",
+        "verified_result": null
+      }
     ]
   },
   "version": "0.13.1+ibm.62.dss",

diff --git a/README.md b/README.md
@@ -631,8 +631,45 @@ galasactl resources delete -f my_resources.yaml
 
 For a complete list of supported parameters see [here](./docs/generated/galasactl_resources_delete.md).
 
+## secrets get
 
+This command retrieves a list of secrets stored in the Galasa Ecosystem's credentials store. The retrieved secrets can be displayed in different formats, including `summary` and `yaml` formats, based on the value provided by the `--format` flag. If `--format` is not provided, secrets will be displayed in the `summary` format by default.
 
+### Examples
+
+All secrets stored in a Galasa Ecosystem can be retrieved using the following command:
+
+```
+galasactl secrets get
+```
+
+To get a specific secret named `SYSTEM1`, the `--name` flag can be provided as follows:
+
+```
+galasactl secrets get --name SYSTEM1
+```
+
+To display a secret in a different format, like YAML, the `--format` flag can be provided:
+
+```
+galasactl secrets get --name SYSTEM1 --format yaml
+```
+
+For a complete list of supported parameters see [here](./docs/generated/galasactl_secrets_get.md).
+
+## secrets delete
+
+This command deletes a secret with the given name from the Galasa Ecosystem's credentials store. The name of the secret to be deleted must be provided using the `--name` flag.
+
+### Examples
+
+To delete a secret named `SYSTEM1`, run the following command:
+
+```
+galasactl secrets delete --name SYSTEM1
+```
+
+For a complete list of supported parameters see [here](./docs/generated/galasactl_secrets_delete.md).
 
 ## Reference Material
 

diff --git a/docs/generated/errors-list.md b/docs/generated/errors-list.md
@@ -162,6 +162,25 @@ The `galasactl` tool can generate the following errors:
 - GAL1164E: An attempt to delete a run named '{}' failed. Unexpected http status code {} received from the server. Error details from the server are not in the json format.
 - GAL1165E: '{}' is not supported as a valid login ID. Login ID should not contain spaces.
 - GAL1166E: The loginId provided by the --user field cannot be an empty string.
+- GAL1167E: An attempt to delete a secret named '{}' failed. Unexpected http status code {} received from the server.
+- GAL1168E: An attempt to delete a secret named '{}' failed. Unexpected http status code {} received from the server. Error details from the server could not be read. Cause: {}
+- GAL1169E: An attempt to delete a secret named '{}' failed. Unexpected http status code {} received from the server. Error details from the server are not in a valid json format. Cause: '{}'
+- GAL1170E: An attempt to delete a secret named '{}' failed. Unexpected http status code {} received from the server. Error details from the server are: '{}'
+- GAL1171E: An attempt to delete a secret named '{}' failed. Unexpected http status code {} received from the server. Error details from the server are not in the json format.
+- GAL1172E: Invalid secret name provided. The name provided with the --name flag cannot be empty or contain spaces.
+- GAL1173E: An attempt to delete a secret named '{}' failed. Sending the delete request to the Galasa service failed. Cause is {}
+- GAL1174E: An attempt to get a secret named '{}' failed. Unexpected http status code {} received from the server.
+- GAL1175E: An attempt to get a secret named '{}' failed. Unexpected http status code {} received from the server. Error details from the server could not be read. Cause: {}
+- GAL1176E: An attempt to get a secret named '{}' failed. Unexpected http status code {} received from the server. Error details from the server are not in a valid json format. Cause: '{}'
+- GAL1177E: An attempt to get a secret named '{}' failed. Unexpected http status code {} received from the server. Error details from the server are: '{}'
+- GAL1178E: An attempt to get a secret named '{}' failed. Unexpected http status code {} received from the server. Error details from the server are not in the json format.
+- GAL1179E: An attempt to get a secret named '{}' failed. Sending the get request to the Galasa service failed. Cause is {}
+- GAL1180E: Failed to get secrets. Unexpected http status code {} received from the server.
+- GAL1181E: Failed to get secrets. Unexpected http status code {} received from the server. Error details from the server could not be read. Cause: {}
+- GAL1182E: Failed to get secrets. Unexpected http status code {} received from the server. Error details from the server are not in a valid json format. Cause: '{}'
+- GAL1183E: Failed to get secrets. Unexpected http status code {} received from the server. Error details from the server are: '{}'
+- GAL1184E: Failed to get secrets. Unexpected http status code {} received from the server. Error details from the server are not in the json format.
+- GAL1185E: Failed to get secrets. Sending the get request to the Galasa service failed. Cause is {}
 - GAL1225E: Failed to open file '{}' cause: {}. Check that this file exists, and that you have read permissions.
 - GAL1226E: Internal failure. Contents of gzip could be read, but not decoded. New gzip reader failed: file: {} error: {}
 - GAL1227E: Internal failure. Contents of gzip could not be decoded. {} error: {}

diff --git a/docs/generated/galasactl.md b/docs/generated/galasactl.md
@@ -22,5 +22,6 @@ A tool for controlling Galasa resources using the command-line.
 * [galasactl properties](galasactl_properties.md)	 - Manages properties in an ecosystem
 * [galasactl resources](galasactl_resources.md)	 - Manages resources in an ecosystem
 * [galasactl runs](galasactl_runs.md)	 - Manage test runs in the ecosystem
+* [galasactl secrets](galasactl_secrets.md)	 - Manage secrets stored in the Galasa service's credentials store
 * [galasactl users](galasactl_users.md)	 - Manages users in an ecosystem
 
diff --git a/docs/generated/galasactl_secrets.md b/docs/generated/galasactl_secrets.md
@@ -0,0 +1,28 @@
+## galasactl secrets
+
+Manage secrets stored in the Galasa service's credentials store
+
+### Synopsis
+
+The parent command for operations to manipulate secrets in the Galasa service's credentials store
+
+### Options
+
+```
+  -b, --bootstrap string   Bootstrap URL. Should start with 'http://' or 'file://'. If it starts with neither, it is assumed to be a fully-qualified path. If missing, it defaults to use the 'bootstrap.properties' file in your GALASA_HOME. Example: http://example.com/bootstrap, file:///user/myuserid/.galasa/bootstrap.properties , file://C:/Users/myuserid/.galasa/bootstrap.properties
+  -h, --help               Displays the options for the 'secrets' command.
+```
+
+### Options inherited from parent commands
+
+```
+      --galasahome string   Path to a folder where Galasa will read and write files and configuration settings. The default is '${HOME}/.galasa'. This overrides the GALASA_HOME environment variable which may be set instead.
+  -l, --log string          File to which log information will be sent. Any folder referred to must exist. An existing file will be overwritten. Specify "-" to log to stderr. Defaults to not logging.
+```
+
+### SEE ALSO
+
+* [galasactl](galasactl.md)	 - CLI for Galasa
+* [galasactl secrets delete](galasactl_secrets_delete.md)	 - Deletes a secret from the credentials store
+* [galasactl secrets get](galasactl_secrets_get.md)	 - Get secrets from the credentials store
+
diff --git a/docs/generated/galasactl_secrets_delete.md b/docs/generated/galasactl_secrets_delete.md
@@ -0,0 +1,31 @@
+## galasactl secrets delete
+
+Deletes a secret from the credentials store
+
+### Synopsis
+
+Deletes a secret from the credentials store
+
+```
+galasactl secrets delete [flags]
+```
+
+### Options
+
+```
+  -h, --help          Displays the options for the 'secrets delete' command.
+      --name string   A mandatory flag that identifies the secret to be created or manipulated.
+```
+
+### Options inherited from parent commands
+
+```
+  -b, --bootstrap string    Bootstrap URL. Should start with 'http://' or 'file://'. If it starts with neither, it is assumed to be a fully-qualified path. If missing, it defaults to use the 'bootstrap.properties' file in your GALASA_HOME. Example: http://example.com/bootstrap, file:///user/myuserid/.galasa/bootstrap.properties , file://C:/Users/myuserid/.galasa/bootstrap.properties
+      --galasahome string   Path to a folder where Galasa will read and write files and configuration settings. The default is '${HOME}/.galasa'. This overrides the GALASA_HOME environment variable which may be set instead.
+  -l, --log string          File to which log information will be sent. Any folder referred to must exist. An existing file will be overwritten. Specify "-" to log to stderr. Defaults to not logging.
+```
+
+### SEE ALSO
+
+* [galasactl secrets](galasactl_secrets.md)	 - Manage secrets stored in the Galasa service's credentials store
+
diff --git a/docs/generated/galasactl_secrets_get.md b/docs/generated/galasactl_secrets_get.md
@@ -0,0 +1,32 @@
+## galasactl secrets get
+
+Get secrets from the credentials store
+
+### Synopsis
+
+Get a list of secrets or a specific secret from the credentials store
+
+```
+galasactl secrets get [flags]
+```
+
+### Options
+
+```
+      --format string   the output format of the returned secrets. Supported formats are: 'summary', 'yaml'. (default "summary")
+  -h, --help            Displays the options for the 'secrets get' command.
+      --name string     An optional flag that identifies the secret to be retrieved.
+```
+
+### Options inherited from parent commands
+
+```
+  -b, --bootstrap string    Bootstrap URL. Should start with 'http://' or 'file://'. If it starts with neither, it is assumed to be a fully-qualified path. If missing, it defaults to use the 'bootstrap.properties' file in your GALASA_HOME. Example: http://example.com/bootstrap, file:///user/myuserid/.galasa/bootstrap.properties , file://C:/Users/myuserid/.galasa/bootstrap.properties
+      --galasahome string   Path to a folder where Galasa will read and write files and configuration settings. The default is '${HOME}/.galasa'. This overrides the GALASA_HOME environment variable which may be set instead.
+  -l, --log string          File to which log information will be sent. Any folder referred to must exist. An existing file will be overwritten. Specify "-" to log to stderr. Defaults to not logging.
+```
+
+### SEE ALSO
+
+* [galasactl secrets](galasactl_secrets.md)	 - Manage secrets stored in the Galasa service's credentials store
+
diff --git a/pkg/cmd/commandCollection.go b/pkg/cmd/commandCollection.go
@@ -59,6 +59,9 @@ const (
 	COMMAND_NAME_RESOURCES_CREATE         = "resources create"
 	COMMAND_NAME_RESOURCES_UPDATE         = "resources update"
 	COMMAND_NAME_RESOURCES_DELETE         = "resources delete"
+	COMMAND_NAME_SECRETS                  = "secrets"
+	COMMAND_NAME_SECRETS_GET              = "secrets get"
+	COMMAND_NAME_SECRETS_DELETE           = "secrets delete"
 	COMMAND_NAME_USERS                    = "users"
 	COMMAND_NAME_USERS_GET                = "users get"
 )
@@ -142,6 +145,10 @@ func (commands *commandCollectionImpl) init(factory spi.Factory) error {
 		err = commands.addResourcesCommands(factory, rootCommand)
 	}
 
+	if err == nil {
+		err = commands.addSecretsCommands(factory, rootCommand)
+	}
+
 	if err == nil {
 		err = commands.addUsersCommands(factory, rootCommand)
 	}
@@ -375,6 +382,32 @@ func (commands *commandCollectionImpl) addResourcesCommands(factory spi.Factory,
 	return err
 }
 
+func (commands *commandCollectionImpl) addSecretsCommands(factory spi.Factory, rootCommand spi.GalasaCommand) error {
+
+	var err error
+	var secretsCommand spi.GalasaCommand
+	var secretsGetCommand spi.GalasaCommand
+	var secretsDeleteCommand spi.GalasaCommand
+
+	secretsCommand, err = NewSecretsCmd(rootCommand)
+
+	if err == nil {
+		secretsGetCommand, err = NewSecretsGetCommand(factory, secretsCommand, rootCommand)
+	}
+
+	if err == nil {
+		secretsDeleteCommand, err = NewSecretsDeleteCommand(factory, secretsCommand, rootCommand)
+	}
+
+	if err == nil {
+		commands.commandMap[secretsCommand.Name()] = secretsCommand
+		commands.commandMap[secretsGetCommand.Name()] = secretsGetCommand
+		commands.commandMap[secretsDeleteCommand.Name()] = secretsDeleteCommand
+	}
+
+	return err
+}
+
 func (commands *commandCollectionImpl) addUsersCommands(factory spi.Factory, rootCommand spi.GalasaCommand) error {
 
 	var err error